1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
Return-Path: <mail@chrisacheson.net>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id C5E8EC8B
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 14 Apr 2017 22:55:35 +0000 (UTC)
X-Greylist: delayed 12:02:46 by SQLgrey-1.7.6
Received: from hapkido.dreamhost.com (hapkido.dreamhost.com [66.33.216.122])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2DED6107
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 14 Apr 2017 22:55:35 +0000 (UTC)
Received: from homiemail-a79.g.dreamhost.com (sub5.mail.dreamhost.com
[208.113.200.129])
by hapkido.dreamhost.com (Postfix) with ESMTP id 8F5AC8715C
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 14 Apr 2017 03:52:48 -0700 (PDT)
Received: from homiemail-a79.g.dreamhost.com (localhost [127.0.0.1])
by homiemail-a79.g.dreamhost.com (Postfix) with ESMTP id D66226002752
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 14 Apr 2017 03:52:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=chrisacheson.net; h=to
:from:subject:message-id:date:mime-version:content-type
:content-transfer-encoding; s=chrisacheson.net; bh=Jcp3UcPPFazko
u4KdgCU86IICGw=; b=GAU/uu13g8aMRxEfBYGVH7ZlfGgOB4mRW5HiOiy53tNkd
gfCmhAdE8eDuYcY2CRVJIA6j1VYK60bkVpP95SU5vPYcVNwJvmzm2rwgBMhNB2LH
/pcYzPMyQaL/nTUAo81wKHBxxR0mkCtIYqX45B89JIUpMk0w0295QY/1fOtVpE=
Received: from [192.168.1.2] (unknown [104.153.30.236])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
(Authenticated sender: mail@chrisacheson.net)
by homiemail-a79.g.dreamhost.com (Postfix) with ESMTPSA id A0790600274A
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 14 Apr 2017 03:52:47 -0700 (PDT)
To: bitcoin-dev@lists.linuxfoundation.org
From: Chris Acheson <mail@chrisacheson.net>
Message-ID: <03e427ef-c655-7ec6-78a2-717b78bc43af@chrisacheson.net>
Date: Fri, 14 Apr 2017 06:52:46 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
Thunderbird/45.8.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_NONE,
RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Fri, 14 Apr 2017 23:04:04 +0000
Subject: [bitcoin-dev] I do not support the BIP 148 UASF
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Apr 2017 22:55:35 -0000
Speaking as one of the BIP148 agitators:
> There have been some other UASF proposals that avoid the forced
> disruption-- by just defining a new witness bit and allowing
> non-upgraded-to-uasf miners and nodes to continue as non-upgraded, I
> think they are vastly superior. They would be slower to deploy, but I
> do not think that is a flaw.
I'm assuming that you're referring to the flag date "segwit is on now"
approach. This is more dangerous than the orphaning approach that BIP148
uses.
If we orphan non-signalling blocks on the flag date and don't have
majority hash power supporting us, there will be a chain split on the
flag day. We expect this to happen, we plan for it, and we employ
strategies to mitigate any damage. The bulk of the economy has
coordinated around this event happening. We even had the opportunity to
pull the plug before the flag date if things were looking too grim.
After the dust settles, 100% of the miners are guaranteed to have
upgraded, assuming they didn't choose to forgo 2+ weeks of income. Any
further chain splits would have to be the result of deliberate action by
51%+ of the mining power.
If we just have segwit activate on the flag date without orphaning the
blocks of non-segwit miners, we set ourselves up for a chain split at
some unknown time in the future. Without majority hash power on our
side, as soon as someone mines a segwit-invalid transaction, the chain
will split, with upgraded nodes and miners on one side, and non-upgraded
nodes and miners on the other side. The segwit-invalid transaction
doesn't even need to come from someone with their own mining equipment.
Open a short on BTC, rent some hash power, profit.
Since we don't know when this attack will occur, we won't be organized
and ready for it. It's also easy for both miners and users to get
complacent about it and fail to upgrade. The damage will be far worse
than if we had used the orphaning approach.
> "First do no harm." We should use the least disruptive mechanisms
> available, and the BIP148 proposal does not meet that test. To hear
> some people-- non-developers on reddit and such-- a few even see the
> forced orphaning of 148 as a virtue, that it's punitive for
> misbehaving miners. I could not not disagree with that perspective any
> more strongly.
Punitive action against miners is not the point of BIP148, it's an
unavoidable side-effect of making the UASF less disruptive for the users
of Bitcoin. Minimizing disruption for users must take priority over
minimizing disruption for miners. Given the intensity of this dispute
and the bad faith of certain actors, some schadenfreude is bound to
occur. Don't let that distract you from the actual reasons that BIP148
is designed the way it is.
> We should have patience. Bitcoin is a system that should last for all
> ages and power mankind for a long time-- ten years from now a couple
> years of dispute will seem like nothing. But the reputation we earn
> for stability and integrity, for being a system of money people can
> count on will mean everything.
I respect this perspective, and I agree with it to a certain extent.
However, continuing to wait has costs. I do not believe we have the
luxury of continuing to wait for a couple more years. In doing so it's
entirely possible that we may damage our reputation for stability and
integrity rather than build on it.
We have a window of opportunity with BIP148, and it would be a waste not
to act on it. In the event that we still lack sufficient support by
July, we can abandon the project, and make plans for how best to proceed
from there.
|
